[Pdns-users] Slaves aren't fetching zones fast enough.
Brendan Oakley
gentux2 at gmail.com
Thu Oct 9 23:39:43 UTC 2008
Hy Tyler,
On 9/28/08, Tyler Hall wrote:
>
> My master nameserver runs bind, and all of my slaves are running pdns.
>
> My problem is that pdns doesn't seem to process the slaves fast enough.
>
> I have a little over 50,000 domains in the system and it some of our
> customers are waiting days to get their changes being added to the system
> (especially when we add new domains) For example, when I added test7.com, it
> wasn't added into the master nameserver at first. Therefore the first few
> times it tried to grab the zone and then failed. After it failed a few
> times, it sat there for a few days before actually getting it. It knew it
> was stale, however didn't do an axfr.
> messages.1:Sep 26 15:15:52 dyndns pdns[3466]: Error trying to
> retrieve/refresh 'test7.com': Query to '69.46.16.x' for SOA of 'test7.com'
> produced a NS record
> messages.1:Sep 26 15:41:38 dyndns pdns[3466]: Error trying to
> retrieve/refresh 'test7.com': Query to '69.46.16.x' for SOA of 'test7.com'
> produced a NS record
> messages.1:Sep 26 16:07:29 dyndns pdns[3466]: Error trying to
> retrieve/refresh 'test7.com': Query to '69.46.16.x' for SOA of 'test7.com'
> produced a NS record
There may not be very graceful handling in PowerDNS for the special
case where a slave has a new zone, but its master is not configured
for it yet. The fix might be simple, but in theory it should never
happen. Actually IMHO it is pretty good that it stopped trying in vain
after a few failures and just logged a warning that it needs
attention.
Once you corrected the problem with the master, it was up to you to
initiate the AXFR. Either by forcing a retrieve from the slave, or
sending a notify from the master. That should clear that up.
> From what I gather, it just seems that there's a limited number of "checks"
> it will do at a given time, and it can't keep up. Is there anyway to
> increase that limit, or make sure it's able to check all these domains in
> short amounts of time (less then 60m?)
The evidence you have presented would seem to suggest a malfunction,
rather than a limit. There is no reason to expect all 50,000 zones to
be checked at the same time every 30 minutes. I have seen a few cases
where a zone just stopped trying to update, but it was not a server
with very many zones, so it would not seem to have to do with being
able to keep up with the number of domains. I can't seem to find a
reliable way to reproduce it, but my guess is it had to do with being
a "hidden" slave and the master was not reachable when it was trying
to retrieve it. Making strategic use of notifies, or forcing a
retrieval of zones when you know they need it, should take care of
these cases.
Brendan
More information about the Pdns-users
mailing list